Application API
Clear API and contract surface for Topolo Quro, grouped under the application instead of split across generic reference sections.
App IDs:
app_topolo_quro Repos:
Hosts:
https://quro.topolo.app https://quro.stg.topolo.us Dependencies: topolo-auth, applications-packages
Depends on Topolo Auth: yes
Type: curated
Source: system-apps/TopoloDocs/src/content/public/applications/quro.mdx
Source exists: no
Canonical Quro coverage now lives in the docs application. Quro uses the stable topolo-quro slug and resolves the environment-specific Auth app ID at runtime instead of compiling opaque app IDs into the browser, API worker, or widget contract. The canonical browser callback delegates one-time sso_code redemption to the shared Topolo auth client and no longer exposes a /sso?token= bridge route. The canonical branded login surface completes embedded password sign-in through shared Auth persistence and app-owned navigation on quro.topolo.app. The browser keeps same-tab sessionStorage access-token restore enabled by default after login and refresh so normal reloads do not appear logged out before cookie refresh completes. The API worker now also exposes authenticated `GET /api/widget` for TopoloOne live workspace.
API key scopes in Auth catalog: 12
No global OpenAPI security scheme is declared.
analytics.read analytics.write api_keys.write codes.read codes.write links.read links.write redirects.invoke series.read series.write settings.read settings.write Wrangler surfaces: none detected
Environment variables: none derived
Routes: workers.dev fallback or no explicit route declared
Observability enabled: no explicit signal found
Wrangler surfaces: No wrangler file detected in scanned surface
This application does not yet have a source-controlled OpenAPI spec in the docs platform. The current API page is derived from the registered contract source and repository surface.